#!/bin/bash -eu
#
# Copyright 2017 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

tmpdir=$(mktemp -d)
cd "${tmpdir}"

openssl req -new -nodes \
  -keyout c2d-temporary-self-signed-cert.key \
  -out c2d-temporary-self-signed-cert.req \
  -subj '/CN=US/OU=Temporary Certificate/CN=Temporary Certificate/'

openssl x509 -days 2 \
  -in c2d-temporary-self-signed-cert.req \
  -out c2d-temporary-self-signed-cert.pem \
  -req -signkey c2d-temporary-self-signed-cert.key

rm -f c2d-temporary-self-signed-cert.req
rm -f .rnd

chmod 600 c2d-temporary-self-signed-cert.key
chmod 644 c2d-temporary-self-signed-cert.pem
mv c2d-temporary-self-signed-cert.key /etc/ssl/private/
mv c2d-temporary-self-signed-cert.pem /etc/ssl/certs/

cd -
rmdir "${tmpdir}"
exit 0
